Re: [MMUSIC] WGLC on draft-ietf-mmusic-sdp-uks-03

Flemming Andreasen <fandreas@cisco.com> Wed, 08 May 2019 02:07 UTC

Return-Path: <fandreas@cisco.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C0F112002E; Tue, 7 May 2019 19:07:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.509
X-Spam-Level:
X-Spam-Status: No, score=-14.509 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ho4vaf-NqsFz; Tue, 7 May 2019 19:07:55 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF84A120073; Tue, 7 May 2019 19:07:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=12843; q=dns/txt; s=iport; t=1557281274; x=1558490874; h=subject:from:to:cc:references:message-id:date: mime-version:in-reply-to; bh=KUaQKbWTvdT9dSS5gD8KANLxrXIAcRj4WQ3BEuG2Vh0=; b=JKYv2CgGRxZVElS7JCDJCETyPSHPXJPB5UDUmTRggHh+5/5bVuSe5hoN ZD9m4gEB/Vm8eg6YOj25Yrrw8omy6oJQGx0Y2TJ96eBiLe9ZjtB/mLf9+ 9Sx5IuSjcPW05dSTCLdhQRQViSat8IrI97VXC6bRFfaqLcaEsyGc1GsEa E=;
X-IronPort-AV: E=Sophos;i="5.60,444,1549929600"; d="scan'208,217";a="544739773"
Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 08 May 2019 02:07:54 +0000
Received: from [10.118.10.20] (rtp-fandreas-2-8813.cisco.com [10.118.10.20]) by rcdn-core-7.cisco.com (8.15.2/8.15.2) with ESMTP id x4827qJR005573; Wed, 8 May 2019 02:07:53 GMT
From: Flemming Andreasen <fandreas@cisco.com>
To: Martin Thomson <mt@lowentropy.net>, Bo Burman <bo.burman@ericsson.com>, mmusic <mmusic@ietf.org>, Jon Peterson <jon.peterson@neustar.biz>, Cullen Jennings <fluffy@cisco.com>, "'Eric Rescorla'" <ekr@rtfm.com>
Cc: "draft-ietf-mmusic-sdp-uks@ietf.org" <draft-ietf-mmusic-sdp-uks@ietf.org>
References: <ec74675d-c576-f728-0481-c9488fb13beb@cisco.com> <ea61540a-20c7-0c3d-1f7d-4d702d9a5332@cisco.com> <e17042ae-af33-4b86-8a99-086290a1e8c0@www.fastmail.com> <f28a5698-d7bd-b39a-b307-fc8ced708ad3@cisco.com> <69e1ed84-7bae-4258-897b-a6d36716c261@www.fastmail.com> <718ce899-166c-b793-c7d4-84bb5fcceea5@cisco.com> <HE1PR07MB32592AA35C2183A0F1EB34BC8D550@HE1PR07MB3259.eurprd07.prod.outlook.com> <ea80d50b-9463-4bb4-ac89-862987a94585@www.fastmail.com> <4a6a7d47-bd49-ed20-561e-ed4223f2d190@cisco.com> <0de3648b-e750-41a7-819d-59d1bbf5ad70@www.fastmail.com> <d94aa49b-048f-59f4-3351-80d4d0af7eb2@cisco.com> <0cdf21b5-40ce-473c-86be-4d024ecb18a8@www.fastmail.com> <03e4c115-21be-2d09-b64c-77e358cff8e0@cisco.com> <7b48da1b-71fc-4502-a9ee-4b68c49c1769@www.fastmail.com> <1c22a10c-eed3-635b-c1cf-18a17ed48ba6@cisco.com>
Message-ID: <0b15610f-e887-457c-69ea-5aa86218a9e9@cisco.com>
Date: Tue, 7 May 2019 22:07:52 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <1c22a10c-eed3-635b-c1cf-18a17ed48ba6@cisco.com>
Content-Type: multipart/alternative; boundary="------------63587818AA4151716FB56C42"
Content-Language: en-US
X-Outbound-SMTP-Client: 10.118.10.20, rtp-fandreas-2-8813.cisco.com
X-Outbound-Node: rcdn-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/ZewhLMuV3EJ6r6rVsCtSiF4TsaM>
Subject: Re: [MMUSIC] WGLC on draft-ietf-mmusic-sdp-uks-03
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 May 2019 02:07:58 -0000

I took another look at the "chair review update" version at 
https://martinthomson.github.io/sdp-uks/chair-review/draft-ietf-mmusic-sdp-uks.html 
(I see you just posted an -04 as well - not sure if there are any 
differences between those two).

The "chair-review" version generally looks good to me, except in Section 
3.2, I think we need to say something about how to handle the situation 
where you send and/or receive both SIP Identity and SDP identity (we can 
have one take precedence or try both).

Also, two suggested editorial updates:

Section 3.1, first sentence after Figure 1
OLD: "The attack requires that Mallory obtain an identity binding for 
her own identity with the fingerprints presented by Patsy (P)."
NEW: "The attack requires that Mallory obtain an identity binding for 
her own identity with the fingerprints presented by Patsy (P), which 
Mallory may have obtained previously.".

Section 3.2, First paragraph after "Note" section:
s/Identity/"SIP Identity"

Other than that it looks good.

Thanks for the patience in all the discussion on this.

-- Flemming


On 5/7/19 5:29 PM, Flemming Andreasen wrote:
>
>
> On 5/6/19 12:53 AM, Martin Thomson wrote:
>> (I apologize for errors in adjusting quoting, our MTAs seem incompatible somehow.)
>>
>> On Sat, May 4, 2019, at 07:28, Flemming Andreasen wrote:
>>>>    Or 3PCC can be used without SIP identity (maybe the WebRTC identity
>>>> is used) and the attack would be relevant.
>>> Can WebRTC identity be used with regular SIP ?
>>>
>>> That's not the impression I got from
>>> https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-18  (where
>>> WebRTC identity is defined), nor do I think it should be since that
>>> would:
>>>   a) Be redundant with the SIP Identiy information defined in RFC 8224
>>> and hence require further treatment in terms of how you deal with
>>> discrepancies between the two.
>>>   b) Conflate session signaling (SIP) with media signaling (SDP).
>> These are reasons for not using WebRTC Identity in regular SIP, but I don't believe the two to be *fundamentally* incompatible.  The latter is perhaps a good argument against the use of WebRTC Identity at all, but the split between media and session signaling and the relationship of each with the security properties of the system is probably a topic of discussion for another draft.  We're just trying to work out how to proceed with this little piece.
>>
>>>   In any case, this is probably something that should be clarified in
>>> draft-ietf-rtcweb-security-arch-18 (might as well do that now, since
>>> you will ultimately get an SDP designated expert review from me on that
>>> one that will ask the same).
>> I'm sure that there's something worth saying there.  Not sure what other think, but I wouldn't expressly prohibit the use of the two in combination.  I would reduce this to pointing out that there is a potential for disagreement between the two that would be bad.
>>
>>>> It might be good to categorically say that 3PCC - as described in RFC 3725 - is incompatible with RFC 8224.  Would that help clarify this bit?
>>>   I believe so.
>> I've updated the PR with the following text (being the entire section on 3PCC):
>>
>> ---8<---
>> Third-party call control (3PCC) {{?RFC3725}} is a technique where a signaling
>> peer establishes a call that is terminated by a different entity.  This attack
>> is very similar to the 3PCC technique, except where the TLS peers are aware of
>> the use of 3PCC.
>>
>> 3PCC as described in RFC 3725 is incompatible with SIP identity {{?SIP-ID}} as
>> SIP Identity relies on creating a binding between SIP requests and SDP.  The
>> controller is the only entity that generates SIP requests in RFC 3725.
>> Therefore, in a 3PCC context, only the use of the `fingerprint` attribute
>> without additional bindings or WebRTC identity {{?WEBRTC-SEC}} is possible.
>>
>> For 3PCC to work with the proposed mechanisms, TLS peers need to be aware of the
>> signaling so that they can correctly generate and check the TLS extensions.  For
>> a connection to be successfully established, a 3PCC controller needs to either
>> forward SDP without modification, or to avoid modifications to `fingerprint`,
>> `tls-id`, and `identity` attributes.  A controller that follows the best
>> practices in RFC 3725 is expected to forward SDP without modification, thus
>> ensuring the integrity of these attributes.
>>
>> It is understood that this technique will prevent the use of 3PCC if peers have
>> different views of the involved identities, or the value of SDP `tls-id`
>> attributes.
>> ---8<---
>>
>> How does that work for you?
> That looks good to me - thx Martin
>
> -- Flemming
>> _______________________________________________
>> mmusic mailing list
>> mmusic@ietf.org
>> https://www.ietf.org/mailman/listinfo/mmusic
>> ..
>>
>
>
> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic